Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for providing strong security in an insecure network comprising a plurality of nodes, comprising:
   creating a payload associated with a data packet for transmission by a sending node;
   when the payload is associated with a unicast data packet:
      encrypting the payload using a corresponding private key associated with the sending node to obtain a unicast encrypted payload;
      encrypting the unicast encrypted payload using a public key associated with a receiving node to obtain a double-encrypted payload; and
      transmitting the data packet comprising the double-encrypted payload to the receiving node over the insecure network, wherein the sending node and the receiving node are each one of the plurality of nodes in the insecure network; and
   when the payload is not associated with the unicast data packet:
      encrypting the payload using a private key associated with the sending node to obtain a non-unicast encrypted payload;
      encapsulating the non-unicast encrypted payload via a network protocol stack to obtain the data packet; and
      transmitting the data packet comprising the non-unicast encrypted payload to the receiving node in the insecure network.
2. The method of claim 1, further comprising: encapsulating the double-encrypted payload via the network protocol stack to obtain the data packet prior to transmitting the data packet.
3. The method of claim 1, wherein the double-encrypted payload is encrypted using at least one asymmetric cryptographic algorithm.
4. The method of claim 1, wherein the payload is associated with one selected from the group consisting of a multicast data packet and a broadcast data packet, if the payload is not associated with the unicast packet.
5. The method of claim 1, wherein the sending node comprises a database of public keys comprising the public key associated with the receiving node.
6. The method of claim 1, further comprising: adding a node to the insecure network, wherein adding the node comprises obtaining a public key associated with the node and sending the public key to the plurality of nodes in the insecure network.
7. The method of claim 1, further comprising:
   receiving the data packet comprising the double-encrypted payload by the receiving node in the insecure network;
   when the data packet is the unicast data packet:
      decrypting a payload associated with the data packet using a private key associated with the receiving node to obtain an intermediate payload; and
      decrypting the intermediate payload using a public key associated with a sending node to obtain a decrypted payload.
8. The method of claim 7, wherein the receiving node comprises a database of public keys comprising the public key associated with the sending node.
9. The method of claim 7, wherein the payload is decrypted using at least one asymmetric cryptographic algorithm used to encrypt the payload.
10. An insecure network system comprising a plurality of nodes, comprising:
   a sending node configured to double encrypt a payload associated with a data packet using a database of public keys operatively connected to the sending node and a private key corresponding to the sending node of which only the sending node is aware, when the data packet is a unicast data packet;
   a receiving node configured to decrypt the double encrypted payload using a database of public keys operatively connected to the receiving node;
   wherein the sending node and the receiving node are each one of the plurality of nodes in the insecure network system;
   the database of public keys operatively connected to the sending node comprising a public key of the receiving node; and
   the database of public keys operatively connected to the receiving node comprising a public key of the sending node,
   wherein when the data packet is not a unicast packet, the sending node is configured to:
      encrypt the payload using the private key of the sending node to obtain a non-unicast encrypted payload;
      encapsulate the non-unicast encrypted payload via a network protocol stack to obtain the non-unicast data packet; and
      transmit the data packet comprising the non-unicast encrypted payload to the receiving node in the insecure network.
11. The system of claim 10, wherein the payload is double encrypted using at least one asymmetric cryptographic algorithm.
12. The system of claim 11, wherein double encrypting the payload comprises encrypting the payload using the private key of the sending node to obtain an encrypted payload, and encrypting the encrypted payload using the public key of the receiving node.
13. The system of claim 10, wherein the payload is associated with one selected from the group consisting of a multicast data packet and a broadcast data packet, if the payload does not correspond to the unicast packet.
14. The system of claim 10, wherein the sending node is further configured to transmit the double-encrypted payload to the receiving node.
15. The system of claim 14, wherein the sending node is further configured to encapsulate the data packet comprising the double-encrypted payload using the network protocol stack prior to transmitting the double-encrypted payload to the receiving node.
16. A computer system for providing strong security in an insecure network comprising a plurality of nodes, comprising: a processor; a memory; a storage device; and software instructions stored in the memory for enabling the computer system, under control of the processor, to:
   create a payload associated with a data packet for transmission by a sending node;
   when the payload is associated with a unicast data packet:
      encrypt the payload using a corresponding private key associated with the sending node to obtain a unicast encrypted payload;
      encrypt the unicast encrypted payload using a public key associated with a receiving node to obtain a double-encrypted payload; and
      transmit the data packet comprising the double-encrypted payload to the receiving node over the insecure network, wherein the sending node and the receiving node are each one of the plurality of nodes in the insecure network; and
   when the payload is not associated with the unicast data packet:
      encrypt the payload using a private key associated with the sending node to obtain a non-unicast encrypted payload;
      encapsulate the non-unicast encrypted payload via a network protocol stack to obtain the data packet; and
      transmit the data packet comprising the non-unicast encrypted payload to the receiving node in the insecure network.
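The claims above describe one procedure from both ends: a sending node applies its own private key to the payload, then (for unicast only) the receiver's public key; the receiver peels its own layer with its private key and the sender's layer with the sender's public key, both keys coming from a per-node public-key database that is populated when a node joins. The following Python model of that procedure is an added example written for this page; it is not code from the patent or from any product implementing it. It takes "encrypting with a private key" literally as the raw RSA private operation (textbook RSA, no padding), uses Mersenne primes for the toy keys only because their primality is certain (such structured primes are unusable for real keys), and all node names, function names and payloads are constructed for illustration. It also makes two checks visible that the claims leave implicit: the inner ciphertext is a number below the sender's modulus and must also fit below the receiver's modulus, so a node with a larger modulus cannot unicast to one with a smaller modulus without chunking; and because the sender's layer is not bound to the addressee, the legitimate receiver can strip its own layer and re-encrypt the still "sender-encrypted" payload to a third node, which then accepts it as a message the sender addressed to it (the well-known sign-then-encrypt forwarding weakness, not something the claims discuss).

```python
"""Toy model of the claimed double-encryption scheme (constructed example).

"Encrypt with private key" is modelled as the raw RSA operation m^d mod n,
which is what the claims literally state. Textbook RSA and Mersenne primes
are used only to keep the model self-contained; neither is secure for use.
"""
from __future__ import annotations

from dataclasses import dataclass

E = 65537  # public exponent shared by every toy key


def mersenne(k: int) -> int:
    # 2^k - 1 for k in {61, 89, 107, 127, 521, 607} is prime; chosen so the
    # keys are reproducible without a primality test (toy only).
    return (1 << k) - 1


@dataclass(frozen=True)
class KeyPair:
    n: int
    e: int
    d: int

    @property
    def public(self) -> tuple[int, int]:
        return (self.n, self.e)


def make_keypair(p: int, q: int) -> KeyPair:
    n, phi = p * q, (p - 1) * (q - 1)
    return KeyPair(n, E, pow(E, -1, phi))  # modular inverse needs Python 3.8+


def rsa_op(x: int, exp: int, n: int) -> int:
    """One raw RSA operation; the operand must be smaller than the modulus."""
    if not 0 <= x < n:
        raise ValueError(f"operand has {x.bit_length()} bits, modulus {n.bit_length()}")
    return pow(x, exp, n)


class Node:
    def __init__(self, name: str, key: KeyPair):
        self.name, self.key = name, key
        self.pubkeys: dict[str, tuple[int, int]] = {}  # claims 5 and 8


def add_node(network: dict[str, Node], node: Node) -> None:
    """Claim 6: push the joiner's public key to every node; it learns theirs."""
    for other in network.values():
        other.pubkeys[node.name] = node.key.public
        node.pubkeys[other.name] = other.key.public
    network[node.name] = node


def can_unicast(sender: Node, dst: str) -> bool:
    """The inner layer is < n_sender; it only fits if n_sender <= n_receiver."""
    n_r, _ = sender.pubkeys[dst]
    return sender.key.n <= n_r


def send(sender: Node, payload: bytes, dst: str | None = None) -> dict:
    """Claim 1; dst=None models a multicast/broadcast packet (claim 4)."""
    m = int.from_bytes(payload, "big")
    inner = rsa_op(m, sender.key.d, sender.key.n)  # sender's private key
    if dst is None:
        return {"src": sender.name, "dst": "*", "body": inner}
    if not can_unicast(sender, dst):
        raise ValueError(f"modulus of {sender.name} exceeds modulus of {dst}")
    n_r, e_r = sender.pubkeys[dst]  # receiver's public key from the database
    return {"src": sender.name, "dst": dst, "body": rsa_op(inner, e_r, n_r)}


def receive(node: Node, packet: dict) -> bytes:
    """Claim 7: peel the receiver's layer (unicast only), then the sender's."""
    body = packet["body"]
    if packet["dst"] != "*":
        if packet["dst"] != node.name:
            raise PermissionError("unicast packet not addressed to this node")
        body = rsa_op(body, node.key.d, node.key.n)
    n_s, e_s = node.pubkeys[packet["src"]]  # unknown sender raises KeyError
    m = rsa_op(body, e_s, n_s)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def surreptitious_forward(holder: Node, packet: dict, new_dst: str) -> dict:
    """Not in the claims: the addressee re-encrypts the sender-layer payload
    to a third node, which accepts it as coming from the original sender."""
    inner = rsa_op(packet["body"], holder.key.d, holder.key.n)
    n_r, e_r = holder.pubkeys[new_dst]
    return {"src": packet["src"], "dst": new_dst, "body": rsa_op(inner, e_r, n_r)}


def build_network() -> dict[str, Node]:
    net: dict[str, Node] = {}
    add_node(net, Node("A", make_keypair(mersenne(61), mersenne(89))))    # ~2^150
    add_node(net, Node("B", make_keypair(mersenne(107), mersenne(127))))  # ~2^234
    add_node(net, Node("C", make_keypair(mersenne(521), mersenne(607))))  # ~2^1128
    return net


if __name__ == "__main__":
    net = build_network()
    pkt = send(net["A"], b"unicast from A", "B")
    print(receive(net["B"], pkt))                          # only B can open it
    print(receive(net["C"], send(net["A"], b"broadcast from A")))  # any node can
    print(receive(net["C"], surreptitious_forward(net["B"], pkt, "C")))
    print(can_unicast(net["B"], "A"))                      # False: n_B > n_A
```

Two things the model makes concrete. First, a broadcast packet carries only the sender's layer, and every node holds the sender's public key by construction (claim 6), so the non-unicast path provides origin authentication, not confidentiality. Second, in practice the sender's step is realised as a signature over a hash and the receiver's step as hybrid encryption, which removes the modulus-ordering constraint; the forwarding weakness is removed by including the intended recipient in the signed data or by signing again after encrypting, neither of which the claims require.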
August 10, 2010